package com.haople.sso.web.controller;


import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.alibaba.fastjson.JSONObject;
import com.haople.sso.core.authentication.TicketAuthorization;
import com.haople.sso.core.vo.Ticket;

/**
 * 客户端控制器
 * @author Administrator
 *
 */
@Controller
public class ClientController {
	
	private static final Logger logger=Logger.getLogger(ClientController.class);
	
	@Autowired
	private TicketAuthorization ticketAuthorization;
	
	/**
	 * 验证客户端的票据是否通过
	 * @param userKey 用户的唯一标示
	 * @param ticket 经过base64加密后的ticket
	 * @return
	 */
	@RequestMapping(value="/ticketValidate",method=RequestMethod.POST)
	@ResponseBody
	private JSONObject ticketValidate(String userId,String ticket){
		JSONObject jsonObject=new JSONObject();
		jsonObject.put("validate_status", 0); // 默认是为未批准的
		try {
			if(StringUtils.isEmpty(userId)){
				jsonObject.put("error", "userId is invalid"); 
				return jsonObject;
			}
			if(StringUtils.isEmpty(ticket)){
				jsonObject.put("ticket", "ticket is invalid"); 
				return jsonObject;
			}
			Ticket t=new Ticket();
			t.setUserId(userId);
			t.setTicket(ticket);
			if(ticketAuthorization.authorization(t)){ //验证票据成功
				jsonObject.put("validate_status", 1); // 批准的
			};
		} catch (Exception e) {
			logger.error("--验证客户票据异常--", e);
		}
		return jsonObject;
	}
}
